Recreate Apache settings for Lets Encrypt SSL.
--- a/deb/apache-letsencrypt.bash Thu May 02 15:46:52 2024 +0300
+++ b/deb/apache-letsencrypt.bash Thu May 02 15:47:37 2024 +0300
@@ -30,3 +30,14 @@
# systemctl reload apache2
# sudo certbot --apache --agree-tos --redirect -m youremail@email.com -d domainname.com -d www.domainname.com
+
+cat >/srv/www/letsencrypt/apache-ssl-options.conf <<EOF
+SSLEngine on
+SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
+SSLOptions +StrictRequire
+
+# Add vhost name to log entries:
+LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined
+LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
+EOF
+
--- a/deb/apache-register-2048.bash Thu May 02 15:46:52 2024 +0300
+++ b/deb/apache-register-2048.bash Thu May 02 15:47:37 2024 +0300
@@ -35,7 +35,7 @@
SSLCertificateFile /etc/letsencrypt/live/defun.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/defun.work/privkey.pem
- Include /etc/letsencrypt/options-ssl-apache.conf
+ Include /srv/www/letsencrypt/apache-ssl-options.conf
</VirtualHost>
</IfModule>
EOF
--- a/deb/apache-register-blog.bash Thu May 02 15:46:52 2024 +0300
+++ b/deb/apache-register-blog.bash Thu May 02 15:47:37 2024 +0300
@@ -35,7 +35,7 @@
SSLCertificateFile /etc/letsencrypt/live/defun.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/defun.work/privkey.pem
- Include /etc/letsencrypt/options-ssl-apache.conf
+ Include /srv/www/letsencrypt/apache-ssl-options.conf
</VirtualHost>
</IfModule>
EOF
--- a/deb/apache-register-cooking.bash Thu May 02 15:46:52 2024 +0300
+++ b/deb/apache-register-cooking.bash Thu May 02 15:47:37 2024 +0300
@@ -35,7 +35,7 @@
SSLCertificateFile /etc/letsencrypt/live/defun.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/defun.work/privkey.pem
- Include /etc/letsencrypt/options-ssl-apache.conf
+ Include /srv/www/letsencrypt/apache-ssl-options.conf
</VirtualHost>
</IfModule>
EOF
--- a/deb/apache-register-forward-proxy.bash Thu May 02 15:46:52 2024 +0300
+++ b/deb/apache-register-forward-proxy.bash Thu May 02 15:47:37 2024 +0300
@@ -43,7 +43,7 @@
SSLCertificateFile /etc/letsencrypt/live/defun.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/defun.work/privkey.pem
- Include /etc/letsencrypt/options-ssl-apache.conf
+ Include /srv/www/letsencrypt/apache-ssl-options.conf
</VirtualHost>
</IfModule>
'EOF'
--- a/deb/apache-register-gadict.bash Thu May 02 15:46:52 2024 +0300
+++ b/deb/apache-register-gadict.bash Thu May 02 15:47:37 2024 +0300
@@ -41,7 +41,7 @@
SSLCertificateFile /etc/letsencrypt/live/defun.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/defun.work/privkey.pem
- Include /etc/letsencrypt/options-ssl-apache.conf
+ Include /srv/www/letsencrypt/apache-ssl-options.conf
</VirtualHost>
</IfModule>
EOF
--- a/deb/apache-register-resume.bash Thu May 02 15:46:52 2024 +0300
+++ b/deb/apache-register-resume.bash Thu May 02 15:47:37 2024 +0300
@@ -35,7 +35,7 @@
SSLCertificateFile /etc/letsencrypt/live/defun.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/defun.work/privkey.pem
- Include /etc/letsencrypt/options-ssl-apache.conf
+ Include /srv/www/letsencrypt/apache-ssl-options.conf
</VirtualHost>
</IfModule>
EOF
--- a/deb/apache-register-stat.bash Thu May 02 15:46:52 2024 +0300
+++ b/deb/apache-register-stat.bash Thu May 02 15:47:37 2024 +0300
@@ -35,7 +35,7 @@
SSLCertificateFile /etc/letsencrypt/live/defun.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/defun.work/privkey.pem
- Include /etc/letsencrypt/options-ssl-apache.conf
+ Include /srv/www/letsencrypt/apache-ssl-options.conf
</VirtualHost>
</IfModule>
EOF
--- a/deb/apache-register-test.bash Thu May 02 15:46:52 2024 +0300
+++ b/deb/apache-register-test.bash Thu May 02 15:47:37 2024 +0300
@@ -35,7 +35,7 @@
SSLCertificateFile /etc/letsencrypt/live/defun.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/defun.work/privkey.pem
- Include /etc/letsencrypt/options-ssl-apache.conf
+ Include /srv/www/letsencrypt/apache-ssl-options.conf
</VirtualHost>
</IfModule>
EOF
--- a/deb/apache-register-tips.bash Thu May 02 15:46:52 2024 +0300
+++ b/deb/apache-register-tips.bash Thu May 02 15:47:37 2024 +0300
@@ -35,7 +35,7 @@
SSLCertificateFile /etc/letsencrypt/live/defun.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/defun.work/privkey.pem
- Include /etc/letsencrypt/options-ssl-apache.conf
+ Include /srv/www/letsencrypt/apache-ssl-options.conf
</VirtualHost>
</IfModule>
EOF
--- a/deb/apache-register-welcome.bash Thu May 02 15:46:52 2024 +0300
+++ b/deb/apache-register-welcome.bash Thu May 02 15:47:37 2024 +0300
@@ -35,7 +35,7 @@
SSLCertificateFile /etc/letsencrypt/live/defun.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/defun.work/privkey.pem
- Include /etc/letsencrypt/options-ssl-apache.conf
+ Include /srv/www/letsencrypt/apache-ssl-options.conf
</VirtualHost>
</IfModule>
EOF